$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/gBtN9CqnoO05_nj_UlyMWTjmVU4.roa File: gBtN9CqnoO05_nj_UlyMWTjmVU4.roa (raw, json) Hash identifier: +9IKIIql+HSPqyrX58C92sqfPfT/5ge/1DSaKFizs6U= Subject key identifier: 80:1B:4D:F4:2A:A7:A0:ED:39:FE:78:FF:52:5C:8C:59:38:E6:55:4E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1890 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/gBtN9CqnoO05_nj_UlyMWTjmVU4.roa Signing time: Fri 17 Jan 2025 01:25:15 +0000 ROA not before: Fri 17 Jan 2025 01:25:15 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 150.242.238.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6288 (0x1890) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:15 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=801B4DF42AA7A0ED39FE78FF525C8C5938E6554E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:73:5b:29:d2:65:99:01:5d:ce:5c:38:32:f1: c4:e0:84:74:42:74:d7:bd:eb:df:4c:17:91:86:a0: 34:28:4c:6f:78:fe:1d:f7:08:95:ae:0e:4c:18:4b: 36:3a:5e:5f:a4:62:18:54:b0:5f:d4:57:79:f2:d2: 88:ca:ec:c3:24:f8:e0:e6:f6:9a:98:4c:8c:4c:eb: 50:0e:ca:5b:c7:0f:66:05:5c:8e:67:30:70:91:e3: bb:e1:dd:e7:3f:88:9f:ee:67:cd:06:24:f5:34:b9: 37:39:e0:26:f9:f5:f9:4f:2a:1a:7b:cd:7c:14:d1: 6c:25:49:2e:bb:5d:57:4c:91:da:e6:30:b4:50:58: 45:e7:51:dd:42:ba:b1:d3:90:6b:9e:8d:77:44:fd: 47:0e:6c:27:d7:22:e7:ea:2a:dd:81:4f:2e:b3:ec: 44:fc:50:c6:e5:e3:22:3c:61:5f:fe:0d:a1:6f:97: 75:a2:08:41:c8:8d:9e:e8:64:e7:a5:6f:0a:fa:16: e9:8f:d8:6e:a0:ac:cd:15:06:5e:d5:b0:ce:f5:3d: c1:e0:fd:e7:ae:b6:45:ca:a4:b3:81:26:79:1a:36: 16:22:00:10:3c:42:7f:b7:e3:60:6d:99:48:c0:e0: 8f:5d:73:c2:03:e4:dc:8b:1e:e3:30:22:b1:29:a6: 97:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:1B:4D:F4:2A:A7:A0:ED:39:FE:78:FF:52:5C:8C:59:38:E6:55:4E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/gBtN9CqnoO05_nj_UlyMWTjmVU4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.242.238.0/23 Signature Algorithm: sha256WithRSAEncryption 34:3b:54:69:cc:ea:90:6c:d7:03:46:a6:8e:ec:76:9f:04:05: 77:3c:6a:65:b1:42:ab:2d:38:ff:ab:84:bf:55:1d:f8:3a:96: 68:18:ba:df:a5:fe:07:eb:4c:6c:49:4e:3a:04:f3:5b:81:31: 06:5f:70:cd:bc:a9:aa:81:ec:60:47:3a:62:09:98:1c:35:1c: 0f:74:8c:a6:a6:14:65:11:ca:18:30:77:d1:72:33:a9:df:63: 01:8b:c3:63:5b:68:c8:80:dd:27:03:9d:ce:5c:8f:c7:e2:8f: e5:c5:cb:9b:3e:f0:18:f4:fc:81:64:e4:cb:c4:50:55:f5:7f: d8:55:55:23:b6:c4:4f:df:ac:2b:f8:14:a5:20:07:b3:5d:95: 2d:87:cf:8d:75:d4:e8:bb:5c:13:e4:ee:00:3e:55:1f:80:07: 52:f8:cb:ab:3b:9a:d8:8a:dc:f8:21:e6:65:78:6f:41:bf:a5: 4b:4b:6f:1d:79:61:6c:bd:ce:e1:42:73:c1:5a:fd:b1:cc:ad: 04:31:8e:a1:94:45:68:b3:07:c0:95:8a:79:14:ee:08:dd:63: d6:14:d7:0c:49:38:29:60:fb:ce:a1:b8:2c:ca:40:c9:1c:af: d8:8a:81:f8:eb:52:56:0a:29:d2:88:4d:b9:d1:a9:a5:40:ab: f7:79:1b:e3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgwMUI0REY0MkFBN0Ew RUQzOUZFNzhGRjUyNUM4QzU5MzhFNjU1NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhc1sp0mWZAV3OXDgy8cTghHRCdNe9699MF5GGoDQoTG94/h33 CJWuDkwYSzY6Xl+kYhhUsF/UV3ny0ojK7MMk+ODm9pqYTIxM61AOylvHD2YFXI5n MHCR47vh3ec/iJ/uZ80GJPU0uTc54Cb59flPKhp7zXwU0WwlSS67XVdMkdrmMLRQ WEXnUd1CurHTkGuejXdE/UcObCfXIufqKt2BTy6z7ET8UMbl4yI8YV/+DaFvl3Wi CEHIjZ7oZOelbwr6FumP2G6grM0VBl7VsM71PcHg/eeutkXKpLOBJnkaNhYiABA8 Qn+342BtmUjA4I9dc8ID5NyLHuMwIrEpppejAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUgBtN9CqnoO05/nj/UlyMWTjmVU4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2dCdE45Q3Fub08wNV9u al9VbHlNV1RqbVZVNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGW8u4wDQYJKoZIhvcNAQELBQADggEBADQ7VGnM6pBs1wNGpo7sdp8EBXc8amWx QqstOP+rhL9VHfg6lmgYut+l/gfrTGxJTjoE81uBMQZfcM28qaqB7GBHOmIJmBw1 HA90jKamFGURyhgwd9FyM6nfYwGLw2NbaMiA3ScDnc5cj8fij+XFy5s+8Bj0/IFk 5MvEUFX1f9hVVSO2xE/frCv4FKUgB7NdlS2Hz4111Oi7XBPk7gA+VR+AB1L4y6s7 mtiK3Pgh5mV4b0G/pUtLbx15YWy9zuFCc8Fa/bHMrQQxjqGURWizB8CVinkU7gjd Y9YU1wxJOClg+86huCzKQMkcr9iKgfjrUlYKKdKITbnRqaVAq/d5G+M= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:03 2025 by rpki-client